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Appendix A 

AIRMAGNET 

Distributed WLAN Integrity Management System 



The past year has seen the role of the 
Wireless LAN in the enterprise undergo a 
fundamental transformation. A 
groundswell of demand from both CXOs 
and end-users alike has made Wi-Fi a 
pervasive component of the enterprise 
network. This adoption, however, has 
been anything but strict. Growth has been 
notoriously viral and unregulated, making 
it a challenge to even know about all the 
Wi-Fi infrastructure being deployed, 
much less manage it. 



New breeds of security measures have 
evolved out of necessity, but have done 
so without a methodology to insure that 
they are actually enforced. Environmental 
factors continue to impact the 
performance and reliability of the 
network itself, and a reliance on outdated 
tools intended for wired networks has 
forced network managers into a purely 
reactive management strategy. These 
issues are the unique domain of the 
AirMagnet Distributed System. 



Th e AirMag net Djstrib^ 



WLAN 
Integrity 
Management 

ensuring network 

Security 
Performance 

and Reliability 



The AirMagnet Distributed System is the 
first and only solution to fully address the 
Integrity of wireless networks ■ providing 
24x7 monitoring of the Security, 
Performance, and Reliability of any 
number of WLANs, and delivering 
actionable information to management 
staffs and systems anywhere in the world. 

AirMagnet Distributed replaces an 
informational void with complete 
knowledge of every Wi-Fi device and 
channel in the environment regardless of 
band (11a. 11b, or 11g). Management staff 
can easily monitor the security measures 



in use on every device to insure 
compliance with established policies, 
while automatically scanning for dozens 
of wireless network attacks. In addition to 
security, the AirMagnet Distributed 
System proactively addresses the 
performance and reliability of the 
network, without which, the WLAN simply 
could not be held to enterprise standards. 
Dozens of configurable alarms proactively 
alert managers to developing issues 
before they lead to problems, and a suite 
of active testing utilities enable managers 
to test their infrastructure from any 
location they choose. 



Wi-Fi Today 



fOiiWO/Vt Aflteff-Hods . 



Wi-Fi with AirMagnet 




. Enterprise Grade Security 

Predictoblc Performance. 

Network .Reliability. "... 
.. . . Automatic Policy Monitoring 

Proactive Management " 
Purpose Bulk for Wi-Fi. 



2 life 



AirMagnet Distributed 

WLAN Integrity Management delivers security, 
performance, and reliability throughout the network hfecycle 
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The front line of the AirMagnet Distributed System is manned by 
strategically placed Intelligent Sensors. These sensors provide 
around-the-clock coverage of the entire wireless environment 
including all Ha. 11b. and llg channels and infrastructure. 
Each individual sensor is armed with the patent-pending 
AirWISE Analytical Engine, to autonomously monitor the 
security, performance, and reliability of the network. 
Functionality built into each sensor, allows network 
professionals to: 

Gain Control Over Security Policy 

No issue has defined Wi-Fi more than security. While the past 
year has welcomed new security protocols that make WLANs as 
secure as their wired counterparts, insuring that all users and 
stations comply with these security measures has been 
another issue entirely. AirMagnet Sensors address this gap by 
auditing and validating the security of every Wi-Fi device in the 
network, providing managers with an easy process to insure all 
users employ the appropriate level of security. Supported 
protocols include: 



• uvep 

• leap 

• peap 

• tkip 



» mic 

• 802.1 x 

• ttls 

• tls 



* pptpvpn 

* I2tpvpn 

* sshvpn 



ipsecvpn 



Detect Wireless Intruders and Attacks 
Maintaining internal defenses is only half the security battle. 
As Wi-Fi has grown, so too have the number and sophistication 
of wireless attacks. AirMagnet Sensors have been engineered 
specifically to counter these threats - scanning the 
environment for Rogue APs and War-Drivers, Spoofed MAC 
Addresses, and a host of Denial of Service Attacks unique to 
Wi-Fi. Sensors send encrypted real-time alarms in response to 
an attack , allowing staff to respond before 
the network is impacted. 



Lock In Network Performance 

Radio Frequency transmissions are inherently 

susceptible to environmental factors such as 

physical obstructions and radio interference 

from a variety of sources. If not identified 

and managed, these factors can lead to 

unacceptable performance for the 

end-user. To address this 

challenge, AirMagnet Sensors 

constantly monitor and 

alarm on over 20 key 

indicators of network health, 

allowing engineers to take a 

proactive approach to the 

maintenance of the network, 



Ensure Network Reliability 
In addition to predictable performance, WLANs 
must be highly reliable before being considered 
business grade. The AirMagnet Distributed System 
addresses this need with a suite of alarms and diagnostics 
that detect network faults and misconfigurations that can lead 
to outages in the network, These diagnostics are 
complemented by active utilities to pin down the sources of 
connectivity problems in the network. 



3Mi 



AirMagnet Distributed: 

24x7 Wi-Fi Integrity Management 

• multi-band coverage -11 a r b,g 

• infrastructure agnostic 

• standards based security 

• control over network pol icy 
and growth 

• proactive management 

« local processing ensures 
enterprise scalability 

• integrated with leading 
network management 
consoles 
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AirMagnet 
Consoles 



AirMagnct 

Management 

Server 



AirMagnet 
Consoles 




Secujejkal^^ 

Controlled Centralized System Management 
The AirMagnet Management Server receives information 
from every AirMagnet Sensor and provides a centralized 
SQL database of all network data and alarms. SNMP traps 
allow for seemless integration with leading management 
consoles such as HP Open View and CA UniCenter. All 
traffic is secured via SSL and TLS insuring management 
information remains secure while interoperating with 
corporate firewalls and VPNs. 

Configuration and User Management 
The Management Server also maintains configurations 
for every Sensor in the System, allowing IT Personnel to 
tune sensor thresholds appropriately for each location. 
Additionally, AirMagnet Distributed supports three 
unique user levels, insuring that theusers access only 
the level of information appropriate for their role and 
level of responsibility. 

Anywhere, Anytime Integrity Management 
The AirMagnet Management Console provides the 
User Interface to The AirMagnet Distributed System. 
From the Management Console. Users can view alarms 
and WLAN health by Campus, Building. Floor, or by 
individual Sensor. Consoles can be run securely whether 
in a NOC. or remotely on a laptop or Pocket PC - keeping 
networkers connected to the information they need, 
regardless of their location. 

Remote Drill-Down 

One of the most powerful features of the AirMagnet 
Console is the ability to remotely drill in to any AirMagnet 
Sensor. This allows Users to securely connect to a 
particular sensor, from any location, and view detailed 
information in real-time. Users can view low level data 
on every channel and device in the area, see alarms, real- 
time local statistics, and even review packet decodes. 

Remote Troubleshooting and Active Tools 
Using the Remote Ul built into the AirMagnet 
Management Console, Users can leverage a host of 
active troubleshooting tools to pinpoint problems in 
the network, These tools allow the User to remotely 
test Throughput on a particular AP, Diagnose 
Connection Problems, and perform Layer 3 
Debugging and End-to-End Provisioning. 
Such remote capability greatly 
reduces the need to dispatch 
resources when 
troubleshooting the WLAN. 

Efficient Use of Network Resources 
Most remote monitoring systems simply capture wireless 
oackets and resend them to a remote site for processing, 
needlessly consuming valuable bandwidth. AirMagnet 
Sensors, conversely process locally, sending real-time 
alarms only when thresholds are reached. Trending data 
is saved on the sensor, and securely sent at regular 
intervals to the Management Server, minimizing 
operational load on the network and servers. 
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AirMagnet Distributed Specifications 





Security Ma nageme nt _ 



General 



Supported B02J I Standards 
Radio Frequency 
Supported Security Standards 
SNMP Traps 
Integration co 3rd Party Console! 

Reporter Option 
Secure Communication 
Real-Time Decode 
Decode Level 
Trace Rte Compatibility 




AirMagnet, Inc. 
465 Fairchild Drive, 
Suite 203 
Mountain View, CA 
94043 

650-694-6754 

vAVw.AirMagnet.com 

info@airmngnet.com 



A. B.G 

1A GHi.5 GHz Bands Concurrency 
8D2. 1 *. UAP.TKIP. MIC. PEAR WPA, VPNi 

Yes 

HP Of*nView. CA Linicjenrur 
Yes 

SSL.TLS 
Ye* 

Layers I .'2.3 

Air Magnet. Sniffer. Situ-real 



JEnj_to End Connectivity 

- Mismatched SSID 

* Clienc wKh Match All SSID 

- Mismatched RF Channel 

* Mismatched Privacy Setting 

* Authentication Failure 

* ^association Failure 

* Possible Equipment Failure 

* AP Signal Out of Range 
. Mismatched Capability Settings 

* Device With Bad WEP Key 

* Higher Layer Protocol Problem 

* 801. Ix Authentication Failure 



Tools 

• Perform - Ping 

* DHCP • TraceRoute 



Software Sensor 



Appliance Sensor 



Policy Enforcement ■ 
Detects. 15 Violations 

.APwitfi WEP Disabled 
. Client Station with WEP Disabled 

• WEP IV Reused 

• Device Using Open Authentication 

- AP Unconfigured 

- Rogue AP 

< Rogue Client Station 

- CrackabJeWEP IV m Use 

• Device Unprotected by VPN 
. Device Unprotected by 802. 1 x 

- AP Broadcasting SSID 
« Ad-hoc Station Detected 

• Long EAPRokcy Timeout 

• Device Using Shared Key Authentication 
. Unassodated Station Detected 

i 

Per form ance Management 

Detects 12 Sources of i 
Poor Performance | 

• AP With Weak S feral Strength 

• Low Transmission Speed 
« High Packet Fragmentation Rate 

• High Bandwith Usage 

• Missed AP Beacons 

• High Speed Transmission Not Supported 

- Channel Overloaded byAPs 
. 802. 1 1 Performance Options Not 

Supported 

- APs With Mutual Interference 

• High Mgmt and Control Frame 
Overhead 

- AP Overloaded with Clients 
. AP Overloaded by Bandwith 

Consumption 



Management Server 



Intrusion Detection - 
Detects 1 6 Threats 

• Spoofed MAC Address Detected 
. Device Probing With NULL SSID 

- Dictionary Attack in EAP Methods 

• Abnormal Authentication failures 

- Denial of Service Attacks 

•Association Flood 
- Authentication Rood 

• EAPOL logoff 

• EAPOL start 

• EAPOL ID Flood 

• EAPOL Spoofed Success 

• Deauthentlcaoon Broadcast 

• Deaudiendcation Flood 

• Ds-associadon Broadcast 

• Dis-atsoclation Flood 

• RF Jamming 

Reli abilit y Ma nage ment 

Detects 1 2 Sources of 
Poor Reliability 

» WLAN Hidden Node Problem 

• AP System of Firmware Reset 

- Station Excessively Switching Between APs 

• Packet Error Race Exceeded 

• AP Association Capacity Full 

• Channel with Overloaded APs 

• DCF and PCF Controls Active at 
Same Time 

• Conflicting AP Configuration 

• Channel with High Noise Levels 

- High Multicast/Broadcast Traffic 
•Ad-hoc Station Using AP SSID 

• Station Constantly Probing for Connection 



Management Console 



Operating System 


Windows 2000. XP | 
{PC Not included ; 


Operating System 


Embedded Ui ix ' 
(Hardware JrvMed. 


Operating System 


Windows iOOa XP 
(PC Not Included) 


Operating System 


Windows 2000. XP 
iPC Not Included) 


Memory 


1 UJ MB Hnjintm 


Memory 


64 MB 


CPU 


800MHz Minimum 


CPU 


800 MH* MvthHM 


Disk Storage 


20 M3 Free Space 
Minimum 


Amenm 


Omni-<ti»ectit *ial. 
2.4 GHz; 3.0 IW. 
5.2S GHr S.!> dbi. 
5.7* GHr SJ. ! dbi 


Memory 
Disk Storage 


256 MB Minimum 
4 CB Free Space 


Memory 
Disk Storage 


2Sf» MB Minimum 

20 MB Free Space 
Minimum 


Supported 802.1 1 
PC or PO Cards 


Chen PCM3St 
LMC252. PCIJM. 
NerGearWABSOl 


80XM Radio Card 


Atheros base J f/bifc 

Tm ilt hi node lird 


# Of Sensors 
Supported 


Unlimited 






V 




10/100 Ethernet Port 


2W«chPowt' Ow 
Ethernet Of!- Ion 


Information 
Repository 

1 


Aggrejaie Sei**o» 
Alums. wireless device 
and traffic wends 




J 



AIRMAGNET 
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All other product names mentioned herein may be trademarks of their respective companies. 
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